Fixed wrong CSRF token storage being wired (see #1625)

Description ----------- | Q | A | -----------------| --- | Fixed issues | Fixes #1491 | Docs PR or issue | - If not specified explicitly, Symfony will autowire to the default CSRF token storage which is the session one :) Commits ------- 95f4dbc Fixed FrontendController using session csrf token storage instead of our own memory token storage
contao · May 1, 2020 · 1810310 · 1810310
1 parent 9778efd
commit 1810310
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 0 deletions.
diff --git a/core-bundle/src/Resources/config/services.yml b/core-bundle/src/Resources/config/services.yml
@@ -110,6 +110,7 @@ services:
     Contao\CoreBundle\Controller\FrontendController:
         tags:
             - controller.service_arguments
+            - { name: 'container.service_subscriber', id: 'contao.csrf.token_manager' }
 
     Contao\CoreBundle\Controller\FrontendModule\TwoFactorController:
         tags:

diff --git a/core-bundle/tests/DependencyInjection/ContaoCoreExtensionTest.php b/core-bundle/tests/DependencyInjection/ContaoCoreExtensionTest.php
@@ -1305,6 +1305,9 @@ public function testRegistersTheFrontendController(): void
                 'controller.service_arguments' => [
                     [],
                 ],
+                'container.service_subscriber' => [
+                    ['id' => 'contao.csrf.token_manager'],
+                ],
             ],
             $definition->getTags()
         );